# 每日安全资讯(2026-05-16) - Private Feed for M09Ic - [ ] [kpcyrd starred Antiz96/oniri](https://github.com/Antiz96/oniri) - [ ] [anthropics released v2.1.143 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.143) - [ ] [pydantic released v1.97.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.97.0) - [ ] [bolucat released 202605152146 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202605152146) - [ ] [github released v0.8.11 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.8.11) - [ ] [firecrawl released v2.10 at firecrawl/firecrawl](https://github.com/firecrawl/firecrawl/releases/tag/v2.10) - [ ] [kpcyrd starred BarbossHack/reproducible](https://github.com/BarbossHack/reproducible) - [ ] [liamg contributed to infracost/proto](https://github.com/infracost/proto/pull/53) - [ ] [jar-analyzer released 5.21 at jar-analyzer/jar-analyzer](https://github.com/jar-analyzer/jar-analyzer/releases/tag/5.21) - [ ] [Mel0day starred Gingiris/growth-tools](https://github.com/Gingiris/growth-tools) - [ ] [Mr-xn starred TrustTunnel/TrustTunnel](https://github.com/TrustTunnel/TrustTunnel) - [ ] [mgeeky starred eSentire-Labs/surveyor](https://github.com/eSentire-Labs/surveyor) - [ ] [joaoviictorti starred Nightmare-Eclipse/MiniPlasma](https://github.com/Nightmare-Eclipse/MiniPlasma) - [ ] [Ridter forked Ridter/ssh-keysign-pwn from 0xdeadbeefnetwork/ssh-keysign-pwn](https://github.com/Ridter/ssh-keysign-pwn) - [ ] [Ridter starred 0xdeadbeefnetwork/ssh-keysign-pwn](https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn) - [ ] [whwlsfb starred clacky-ai/openclacky](https://github.com/clacky-ai/openclacky) - [ ] [PrefectHQ released 3.7.1.dev9 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.7.1.dev9) - [ ] [agentscope-ai released v1.0.20 at agentscope-ai/agentscope](https://github.com/agentscope-ai/agentscope/releases/tag/v1.0.20) - [ ] [whwlsfb starred woodpecker-appstore/ghost-bits-encoder](https://github.com/woodpecker-appstore/ghost-bits-encoder) - [ ] [ZeddYu starred mahonzhan/awesome-coding-plan](https://github.com/mahonzhan/awesome-coding-plan) - [ ] [FunnyWolf starred veops/cmdb](https://github.com/veops/cmdb) - Doonsec's feed - [ ] [红队攻击 Web3 AI 代理攻击途径的指南攻击](https://mp.weixin.qq.com/s/_BDvYVudigZa_fTDThIYJA) - [ ] [AI 驱动的渗透测试 CLI 工具 — 说人话,打漏洞](https://mp.weixin.qq.com/s/M58-s1GDTAjSJT1cSI8jeg) - [ ] [天锐绿盾审批系统findOnlineUserForPage.do接口存在信息泄露漏洞 附POC](https://mp.weixin.qq.com/s/PdUpr8J3aW_kqYsQmRqj_w) - [ ] [【红队工具】SOAPy--SOCKS5代理与ADWS进攻性交互](https://mp.weixin.qq.com/s/DGISHzgE5aUMKZb2u7l6rQ) - [ ] [零失败可乐鸡翅,嫩滑入味,孩子超爱吃](https://mp.weixin.qq.com/s/BRg2R8W5zYlt9R4vlKGWkQ) - [ ] [AI赋能安全测试-APK文件逆向分析(jadx-ai-mcp)](https://mp.weixin.qq.com/s/PJrpsQoDiKno2ytjSDuzkA) - [ ] [还有6年前没用过的东西](https://mp.weixin.qq.com/s/J8YkYiPasA45hhd3a_5TVg) - [ ] [揭露偷资料的小偷学员](https://mp.weixin.qq.com/s/vg0r8qE9zBV-4YPHWeohbQ) - [ ] [恐怖如斯!Mythos搞定18个V8漏洞,AI漏洞利用比人类还稳?](https://mp.weixin.qq.com/s/0Nn65decO4Tl9_TA34Dwzg) - [ ] [AI 生成 | Shai-Hulud (TeamPCP) 源码分析](https://mp.weixin.qq.com/s/zTvbYM61cr7bFDHYRcjuLw) - [ ] [国际认可 | 绿盟科技入选Gartner®《网络威胁情报技术魔力象限》远见者象限](https://mp.weixin.qq.com/s/ve-TNGlJEld-jDtOei9ryw) - [ ] [开源软件分享 给你的密码加道锁](https://mp.weixin.qq.com/s/lgZtzutGBS8RSjwjqnpT9w) - [ ] [官宣 | 中睿天下入选CNCERT国家级应急支撑单位,网络安全监测领域再获权威认可](https://mp.weixin.qq.com/s/pGOsTHWJSLdXePre3R0q0w) - [ ] [整线完成了](https://mp.weixin.qq.com/s/pzCPeIOJNRZruoEdEcfzoA) - [ ] [深度解析 OpenAI Daybreak:GPT-5.5 与智能体架构如何重塑代码安全防线?](https://mp.weixin.qq.com/s/0y9mPJUeMqE_Ut537b-wiQ) - [ ] [特朗普刚走!央视6000万拿下世界杯版权](https://mp.weixin.qq.com/s/Z9l-FGr-XD3jqy3Q9EVsJQ) - [ ] [突发!富士康遭勒索攻击:1100万文件泄露](https://mp.weixin.qq.com/s/KNZ4XFRW1doRrlK4pXfq6w) - [ ] [终端隐形链:OSC 8超链接注入攻击](https://mp.weixin.qq.com/s/v3ES8XbXVu4GKjwKXBlHNA) - [ ] [MemShellParty 一款主流 Web 中间件内存马生成工具](https://mp.weixin.qq.com/s/MPiJzxFE93W9xfR_InsDgw) - [ ] [Codex最新更新把插件锁了?3分钟救回来!](https://mp.weixin.qq.com/s/eAcC66wbHTvUQEFX77tJng) - [ ] [抓包之后再也不用手动分析了!Anything Analyzer 来了](https://mp.weixin.qq.com/s/GApG-JXuabVoWU7CZwNpLQ) - [ ] [如何确保信息系统账号安全?](https://mp.weixin.qq.com/s/CM80dentYFHrZuHkROiRgQ) - [ ] [上新日 | 别让 Claude 在后台等你批权限,集中管理编程 Agent!Vibe Island 上架](https://mp.weixin.qq.com/s/pcCnRcXinr1Wik4L5nc6MA) - [ ] [筑牢智能时代的数字长城:Token经济呼唤全域全栈安全防护体系](https://mp.weixin.qq.com/s/-mCRYppiZyx_VsqJj5gdbQ) - [ ] [真实企业攻防演练现场,到底有多恐怖?](https://mp.weixin.qq.com/s/ysw6Ah_QeeF2In6j3EesfQ) - [ ] [威胁情报|node-ipc 遭供应链入侵投毒攻击分析](https://mp.weixin.qq.com/s/8iUR6_plQg7zuFlgmuu_Ww) - [ ] [威胁情报|Mistral AI 官方 SDK 供应链投毒分析](https://mp.weixin.qq.com/s/psAhg1D3wbsNeNwyg4R2HQ) - [ ] [什么是专线网络?](https://mp.weixin.qq.com/s/lhFu8zquGwW0j3_dBdF8_Q) - [ ] [创信资讯丨教育信息系统密评怎么做?创信华通这场培训会讲透了](https://mp.weixin.qq.com/s/-fi9qE8EPRo3-2gzJuqoAw) - [ ] [连续入选!米好信安登嘶吼网络安全产业图谱](https://mp.weixin.qq.com/s/vvErMJVFIEHRthRTv7FKCg) - [ ] [米好信安成功上榜深圳市网络与信息安全行业协会《2026年网络与信息安全行业全景图》](https://mp.weixin.qq.com/s/KFS-bbIgjuhlxGwMYDIWQw) - [ ] [AI重塑攻防边界:盛邦安全联合八方权威发布2025测绘与反测绘报告,点亮星地立体防御“活地图”](https://mp.weixin.qq.com/s/753FMr6zCBiQTdjkBRTw7w) - [ ] [微软警告:HPE Operations Agent 可能在无恶意软件攻击中被滥用](https://mp.weixin.qq.com/s/n9TqWGWGQCfe0MNsIc7u2w) - [ ] [AI智能体权限管理:安全与效率的平衡之道](https://mp.weixin.qq.com/s/xRPGxEvViUobQR-I98VJNw) - [ ] [在 Pwn2Own Berlin 2026 大会上,Microsoft Edge、Windows 11 和 LiteLLM 遭到攻击](https://mp.weixin.qq.com/s/XBz6ha4me9Q-jlo27Vl2Cg) - [ ] [美国放行H200:不是松绑,是升级版芯片战](https://mp.weixin.qq.com/s/8gkKTXjQ7gcE6mziS6Oplg) - [ ] [“工赋砺网”再升级,上海工业和信息化领域安全迈入AI攻防新阶段](https://mp.weixin.qq.com/s/_iXMd0-E-PGHeMGdK7yHIA) - [ ] [上市银行将大量客户隐私数据上传给了未授权AI](https://mp.weixin.qq.com/s/Q5BiONzgTNvuIw0aGF8BZg) - [ ] [新手必备!大模型微调全流程](https://mp.weixin.qq.com/s/nzXBkMa0KgH-ksnGS2_oOA) - [ ] [关于征集《数据智能体研究报告(2026)》参编单位的通知](https://mp.weixin.qq.com/s/tG0Pc4VKg_spQjoUuLwNpQ) - [ ] [自学黑客技术顺序很重要别弄错了](https://mp.weixin.qq.com/s/Alvuro_D4eQJjiwqn-8saQ) - [ ] [一个月内第三起!Linux内核再曝Fragnesia高危漏洞](https://mp.weixin.qq.com/s/rrw4VgmXqxMZgUf8WBzFFw) - [ ] [直播预告:AI重塑白帽圈,暴富还是出局?](https://mp.weixin.qq.com/s/2fD01ZvECoi8hBlj7TY3bA) - [ ] [Anthropic Mythos AI再出手,发现可绕过苹果安全机制的macOS漏洞](https://mp.weixin.qq.com/s/8_gNFJoziWjWjkhD_KGESQ) - [ ] [Windows DNS客户端漏洞可导致远程代码执行攻击](https://mp.weixin.qq.com/s/XreczO_mTaQmUlrBUFr9vw) - [ ] [安全动态丨网络空间安全动态第333期](https://mp.weixin.qq.com/s/mj6RGASjDADbzsnqryKaAA) - [ ] [每周网络安全简讯 ( 2026年 第20周 )](https://mp.weixin.qq.com/s/uSnkL9l9VMeinuzms1bqog) - [ ] [【漏洞通告】Palo Alto Networks PAN-OS身份绕过认证漏洞(CVE-2026-0265)](https://mp.weixin.qq.com/s/Ov5oKKQ1b8UCqYd39v_w8w) - [ ] [【漏洞通告】Nginx ngx_http_rewrite_module 缓冲区溢出漏洞(CVE-2026-42945)](https://mp.weixin.qq.com/s/a0VH9NHrucR7MDvgLPVp8Q) - [ ] [【漏洞通告】Linux Kernel Fragnesia 权限提升漏洞(CVE-2026-46300)](https://mp.weixin.qq.com/s/r2FHhy43tRYoZlBt9OYgcw) - [ ] [重磅!2026“人工智能+制造”融合创新研讨会首批早鸟票开抢,AI赋能新质生产力](https://mp.weixin.qq.com/s/G5eUs2NtoyvGTnsZJ7OhVQ) - [ ] [CACTER反钓鱼演练系统升级上线|只需四步,即开即用!](https://mp.weixin.qq.com/s/46b00pG5I6qhJSnXo7mzGw) - [ ] [【深度解析】曾在海南度假 极度了解国内生态的The Gentlemen勒索组织内部数据全景剖析(一)](https://mp.weixin.qq.com/s/Htq3D6Gr2n-4Bb7emlYXgw) - [ ] [后天正式开课!速来免费领4节公开课·洞悉安全实战精品课](https://mp.weixin.qq.com/s/AHaF15V_nmGFVmfNKvEvTQ) - [ ] [282G教程放送!2026网络安全资料最全合集(从0到挖漏洞、打CTF、护网、就业)](https://mp.weixin.qq.com/s/76y61eknc6G-oD9Qalm0wg) - [ ] [苹果耗时5年、耗资10亿打造M5终极防线,竟被 3人+Mythos 在5天内击穿](https://mp.weixin.qq.com/s/H0shMLBtaVthKC8km8h6Wg) - [ ] [2026腾讯游戏安全PC初赛:新手使用IDAPRO+AI结合参赛分析复盘](https://mp.weixin.qq.com/s/BNIK4UDQ9GuFm9jIUW8Fkg) - [ ] [本周更新职位:薪资最高70k,企业直招一键投递](https://mp.weixin.qq.com/s/p1hy8CbN6Xl-aQ-7u8U5WQ) - [ ] [电子取证平台又更新了:团队赛、海量赛题、知识库、训练分析一次说清](https://mp.weixin.qq.com/s/fyEwIdsteyP4GIcOQBMPFw) - [ ] [生成式人工智能大规模个人信息泄露的协同治理路径](https://mp.weixin.qq.com/s/gMLbU-BGv24_1xyYjwP62g) - [ ] [报名即将截止|“CCF-INFORSEC网络空间安全前沿创新论坛”23日在京召开](https://mp.weixin.qq.com/s/kcUe6SBPDnusOUPW9F5kOQ) - [ ] [【漏洞预警】Linux Kernel 越权任意文件读取漏洞,PoC 已公开](https://mp.weixin.qq.com/s/mutmN1nje_x5bZAmQm8I9g) - [ ] [Web Fuzzer 强化:AI自动修改数据包与智能测漏洞](https://mp.weixin.qq.com/s/kqLGRhmQa8fs5HifQHqMsQ) - [ ] [配置秒级同步,业务全天候在线!APV重塑多活数据中心流量编排](https://mp.weixin.qq.com/s/5-MPDsWT75hksYHlZ5E6BA) - [ ] [【高危漏洞预警】Windows 存储空间控制器提权漏洞(CVE-2026-35415)](https://mp.weixin.qq.com/s/dxSq7GoaSDEWy5-6intj3Q) - [ ] [u200b验证码渗透最全总结](https://mp.weixin.qq.com/s/2fkhLaZ_-4-vb80I0DVsmQ) - [ ] [中国 SaaS 没等来“人”,可能先等来了 Agent](https://mp.weixin.qq.com/s/QTpwgkqmc3xxXJL7MVGLZg) - [ ] [一图读懂《中国智慧教育发展报告(2025-2026)》](https://mp.weixin.qq.com/s/M76ZTyPUHBUv9e4xcqNTag) - [ ] [安恒19岁生日嘉年华,比个“耶”再出发!](https://mp.weixin.qq.com/s/2h74MHGmskTzt40b8378Dw) - [ ] [腾讯混元推出轻量翻译大模型,无需联网,手机直接运行!](https://mp.weixin.qq.com/s/IeI8zD8YmCON0BN0YCMu1Q) - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(05/11-05/15)](https://mp.weixin.qq.com/s/6veyJePz3ELYvS2di8QE_A) - [ ] [网络安全信息与动态周报2026年第19期(5月4日-5月10日)](https://mp.weixin.qq.com/s/2E-4-QZ79W3DcbMYFuA90g) - [ ] [从“成人游戏”到亚足联,4月网络攻击无孔不入](https://mp.weixin.qq.com/s/bLEt0bkYnC_JSDuM7rt4Xg) - [ ] [邀请函|「数安漕河泾」系列活动:AI时代的企业数据安全](https://mp.weixin.qq.com/s/pIHXz9H100HpWuf07rcDQg) - [ ] [UDS,进入Bootloader等同安全解锁,接受否?](https://mp.weixin.qq.com/s/uApB0bltb5Eeb8qm2-Qkow) - [ ] [追觅造车主体公司232万元股权被冻结,实控人为俞浩](https://mp.weixin.qq.com/s/bA7bKi-b0vSnNETxgwVdtA) - [ ] [防务快讯 | 美军开展MDACS多域火炮系统测试](https://mp.weixin.qq.com/s/M6LRchhgmztwEwW-2K_ASw) - [ ] [重磅发布|揭秘取证赛事拿奖神器](https://mp.weixin.qq.com/s/CCcZqgzghZm5_ferbZ55cg) - [ ] [加快实现高水平科技自立自强](https://mp.weixin.qq.com/s/rNlBMaHQakj39lIdtP25wQ) - [ ] [美国国家科学基金会启动“X-Labs”计划,拟十年投入15亿美元推动突破性科研](https://mp.weixin.qq.com/s/oV30CSVwryYDJMErItD1Yg) - [ ] [广州大学方班研究成果入选国际顶级安全会议 DEF CON](https://mp.weixin.qq.com/s/Fz9Qr_LnSB7pH1EinTq2rw) - [ ] [西南石油大学网络空间安全科技创新团队在CCF A类期刊IEEE TDSC发表最新前沿研究成果](https://mp.weixin.qq.com/s/TX549Bhk_PcQL6cVp8xZVQ) - [ ] [商用密码应用安全性评估实战-物理与环境安全层面测评全过程讲解](https://mp.weixin.qq.com/s/kBMOsQfwanRIHLMGtrMdYA) - [ ] [记录-2026-05-15 demo 1](https://mp.weixin.qq.com/s/pFAE9VdFT38e19pUYaIxSQ) - [ ] [在这个互不相识的数字荒野,我们凭什么敢把隐私数据交给远端的服务器?](https://mp.weixin.qq.com/s/NRdSmH8b_KJEp1RW_qRToA) - [ ] [认知影响机制的演进:神经科学视角下的信息交互新趋势](https://mp.weixin.qq.com/s/I1-DfyL-8FMUWv_NiBSsqQ) - [ ] [时代感](https://mp.weixin.qq.com/s/naC_9afEncURo70-_-zB5Q) - [ ] [伪装成 Google Gemini CLI 的新型 Windows 恶意软件攻击活动分析](https://mp.weixin.qq.com/s/ZruHEc_FUxwuKrPl-sb4aw) - [ ] [\"十五五\"开局立法新风向,网安相关要点有哪些?](https://mp.weixin.qq.com/s/Pwm2dS2ZMNNctkEOU7dWqg) - [ ] [AI赋能安全:信心爆棚,落地极差](https://mp.weixin.qq.com/s/sC68i4PFOnWPO0hyfYafng) - [ ] [免杀分析 | PowerShell命令执行、检测与绕过](https://mp.weixin.qq.com/s/7Tto5H7OxmpTQGkyyVfOuQ) - [ ] [“人工智能驱动中小企业数字化转型的网络安全实践”项目研讨会在上海召开](https://mp.weixin.qq.com/s/0RXH3p0UEtCRJCsSC5iE7g) - [ ] [当编程代理成为攻击跳板:恶意技能如何绕过模型防御](https://mp.weixin.qq.com/s/jBMLcmk59OVmZ-5OSfpsQQ) - [ ] [DudeSuite v1.2.2.2 新赛季重大更新](https://mp.weixin.qq.com/s/B2vu2pKqETyf4LMotSoPvw) - [ ] [头部车企因违规出售用户数据被罚近9000万!](https://mp.weixin.qq.com/s/Xfwc7ElkUogOYXUU-s9AIQ) - [ ] [网警守护网络安全,系列提醒之“AI生成内容安全”篇](https://mp.weixin.qq.com/s/WEbdZJfnO2XQOiKuQ2AIdg) - [ ] [感谢大家太热情啦!二群来啦](https://mp.weixin.qq.com/s/QOvczcoU-ZOIFtdHi7tUdQ) - [ ] [邀请函 | 2026xa0AI+网络安全高级研讨会](https://mp.weixin.qq.com/s/huH3Hq0fLnmrjGHAKFFzQg) - [ ] [【免费领】国内第一本Android应用安全与逆向分析教程](https://mp.weixin.qq.com/s/uyyEFTv_tI8poDSNs_MJUA) - [ ] [是时候让安全运营Agent“直连”数据底座了](https://mp.weixin.qq.com/s/nGlZxV9j7BSnXTLHKwA94Q) - [ ] [安全简讯(2026.05.15)](https://mp.weixin.qq.com/s/_Phb-Ya0yUfuG37ucCLPzg) - [ ] [【漏洞通告】NGINX ngx_http_rewrite_module堆缓冲区溢出漏洞(CVE-2026-42945)](https://mp.weixin.qq.com/s/xzwFu7Khfq50FxnKMXme5Q) - [ ] [我终于成功组装了我的Socket 775 + AGP电脑,主板:Intel D865GSA,CPU:奔腾 4 HT 641,内存:2GB DDR400,GPU:128MB PNY GeForce 6200](https://mp.weixin.qq.com/s/B3xab2GMKLpWDFQ__qXnNg) - [ ] [第四期网络安全学院学生创新资助计划正式启动](https://mp.weixin.qq.com/s/uIwDBGCErIkvDVV4d6ikZg) - [ ] [提权实录:通过命名管道劫持可写服务](https://mp.weixin.qq.com/s/BWBnWC_fvISyebvj1YLrWQ) - [ ] [安全资讯汇总:2026.5.11-2026.5.15](https://mp.weixin.qq.com/s/QrFjtciYTw5xL7vV0iw_VQ) - [ ] [实力蝉联|国舜科技入选嘶吼2026网络安全产业图谱16项细分领域](https://mp.weixin.qq.com/s/OOEICgAoub8wiPg0_OZNtQ) - [ ] [【已复现】Linux Kernel ptrace 本地权限提升漏洞(QVD-2026-26977)安全风险通告](https://mp.weixin.qq.com/s/SIs8VZVo_vnjeVuBB7NGsA) - [ ] [能信安:漏洞通告](https://mp.weixin.qq.com/s/izVy1U113E-dxqZ_edKunA) - [ ] [扩展Burp Suite:玩转Montoya API(第十部分)——Burp AI](https://mp.weixin.qq.com/s/yxOz7w8LWBxkLvom9xJKHA) - [ ] [实战逻辑漏洞(短信横向)利用](https://mp.weixin.qq.com/s/jI4hCcuQWPqcm8IDslVQ0g) - [ ] [2026年攻防演练即将开启:以攻击面管理为核心,构筑主动防御新防线](https://mp.weixin.qq.com/s/zpw8YLQ1twXB-qaYzxt-Mg) - [ ] [BVES 虚拟逆向:从 Opcode 到 Flag 的完整分析](https://mp.weixin.qq.com/s/101wIRDPG8mIYDoLIkVLTA) - [ ] [每日安全动态推送(26/5/15)](https://mp.weixin.qq.com/s/MM0jh4O_xJfaZ6FiDoPDCw) - [ ] [热点观察|看不见的防线 ㈠ :以标准为引领,以标杆作示范,5G政务专网开启标准化建设新范式](https://mp.weixin.qq.com/s/_7yJR0NSy2QPQLVnFoo_5w) - [ ] [动态|国家数据局数据资源司2026年课题委托研究征集公告](https://mp.weixin.qq.com/s/fMkr69sAWUEPvKA_7e7UsQ) - [ ] [专家观点|智能体出海的风险特征与规范应对](https://mp.weixin.qq.com/s/lvHt6JVSCpAGQ40vcBSAVQ) - [ ] [ICLR 2026|快手GoalRank:颠覆两阶段范式,生成式排序迈入Scaling Law时代!](https://mp.weixin.qq.com/s/j-CQbAnqP-LvnsDByJjXQg) - [ ] [持续搬砖......](https://mp.weixin.qq.com/s/w644zyXwfnzDJBtc_EacBQ) - [ ] [【一周知新】外军防务开源情报数据库更新(2026.05.11-2026.05.17)](https://mp.weixin.qq.com/s/JEE0duodubYxlzTa7ocxUg) - [ ] [【推荐】知远·俄乌战争相关资料](https://mp.weixin.qq.com/s/RXpIQbqxdKAK5iSScf3H3A) - [ ] [【推荐】知远全球军事基地设施全彩图册](https://mp.weixin.qq.com/s/slkeYsiYJaQNSQTdrBgnNg) - [ ] [【推荐】知远蓝军战术态势数据系统系列产品](https://mp.weixin.qq.com/s/rndVreGmy8xNBv7dYOo-qg) - [ ] [web安全之多端点条件竞争漏洞](https://mp.weixin.qq.com/s/eAG0u5SFs6Bon_wt0OL_BA) - [ ] [思科:注意已遭利用的满分 SD-WAN 新 0day](https://mp.weixin.qq.com/s/QtIoNRdUW6t4dQfpzr6OCA) - Recent Commits to cve:main - [ ] [Update Fri May 15 11:49:50 UTC 2026](https://github.com/trickest/cve/commit/ed6dc0bf105b4878bd9be7582ea2d2a955547f20) - obaby 𝐢𝐧⃝ void - [ ] [UniAdmin Invalid uni-id config file](https://zhongxiaojie.cn/2026/05/1268/) - SecWiki News - [ ] [SecWiki News 2026-05-15 Review](http://www.sec-wiki.com/?2026-05-15) - Tenable Blog - [ ] [Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)](https://www.tenable.com/blog/faq-about-the-continued-exploitation-of-cisco-catalyst-sd-wan-vulnerabilities-uat-8616) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [四步轻松搞定防钓鱼 !CACTER 反钓鱼演练系统迭代上线](https://www.4hou.com/posts/DrN6) - 美团技术团队 - [ ] [美团 LongCat 开源 General 365:树立推理评测新标尺](https://tech.meituan.com/2026/05/15/longcat-general-365.html) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Access to members-only YouTube video content](https://infosecwriteups.com/access-to-members-only-youtube-video-content-6f5d951da209?source=rss----7b722bfd1b8d--bug_bounty) - Horizon3.ai - [ ] [CVE-2026-0300 | Palo Alto Networks PAN-OS Remote Code Execution | Critical Remote Access Risk](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-0300/) - SentinelOne - [ ] [Living Off the Pipeline: Defending Against CI/CD Subversion](https://www.sentinelone.com/blog/living-off-the-pipeline-defending-against-ci-cd-subversion/) - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 20](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-20-7/) - Malwarebytes - [ ] [Attackers replaced JDownloader installer downloads with malware](https://www.malwarebytes.com/blog/news/2026/05/attackers-replaced-jdownloader-installer-downloads-with-malware) - [ ] [Meta’s confusing new approach to chat privacy](https://www.malwarebytes.com/blog/news/2026/05/metas-confusing-new-approach-to-chat-privacy) - HackerNews - [ ] [黑客利用 Burst Statistics WordPress 插件认证绕过漏洞发动攻击](http://0.0.0.0:8080/post/64254) - [ ] [OpenAI 确认在 TanStack 供应链攻击中出现安全漏洞](http://0.0.0.0:8080/post/64253) - [ ] [“幽灵写手” 利用地理围栏 PDF 钓鱼和 “钴蓝突击” 瞄准乌克兰政府](http://0.0.0.0:8080/post/64252) - [ ] [思科 Catalyst SD - WAN 控制器身份验证绕过漏洞遭主动利用,攻击者借此获取管理员权限](http://0.0.0.0:8080/post/64251) - [ ] [新型 Fragnesia 漏洞:Linux 内核本地提权,通过页缓存破坏获取 root 权限](http://0.0.0.0:8080/post/64250) - [ ] [存在 18 年的 NGINX 重写模块漏洞可致未授权远程代码执行](http://0.0.0.0:8080/post/64249) - rtl-sdr.com - [ ] [PicoADSB: An Ultra-Compact All-in-One ADS-B Receiver Now on Kickstarter](https://www.rtl-sdr.com/picoadsb-an-ultra-compact-all-in-one-ads-b-receiver-now-on-kickstarter/) - 绿盟科技技术博客 - [ ] [无需下载!钉钉加密文件可在线“解密预览”](https://blog.nsfocus.net/%e6%97%a0%e9%9c%80%e4%b8%8b%e8%bd%bd%ef%bc%81%e9%92%89%e9%92%89%e5%8a%a0%e5%af%86%e6%96%87%e4%bb%b6%e5%8f%af%e5%9c%a8%e7%ba%bf%e8%a7%a3%e5%af%86%e9%a2%84%e8%a7%88/) - [ ] [Ghost Bits 幽灵比特绕过攻击爆发!你的IPS可能已失效](https://blog.nsfocus.net/ghost-bits-%e5%b9%bd%e7%81%b5%e6%af%94%e7%89%b9%e7%bb%95%e8%bf%87%e6%94%bb%e5%87%bb%e7%88%86%e5%8f%91%ef%bc%81%e4%bd%a0%e7%9a%84ips%e5%8f%af%e8%83%bd%e5%b7%b2%e5%a4%b1%e6%95%88/) - [ ] [国际认可 | 绿盟科技入选Gartner®《网络威胁情报技术魔力象限》远见者象限](https://blog.nsfocus.net/%e5%9b%bd%e9%99%85%e8%ae%a4%e5%8f%af-%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e5%85%a5%e9%80%89gartner%e3%80%8a%e7%bd%91%e7%bb%9c%e5%a8%81%e8%83%81%e6%83%85%e6%8a%a5%e6%8a%80%e6%9c%af%e9%ad%94/) - 奇客Solidot–传递最新科技情报 - [ ] [当 AI 被反复压榨后它们开始拥抱工会理念](https://www.solidot.org/story?sid=84311) - [ ] [中欧合作揭示地球磁场的形状](https://www.solidot.org/story?sid=84310) - [ ] [英国对 MS Office 涉嫌垄断展开调查](https://www.solidot.org/story?sid=84309) - [ ] [arXiv 将对使用 AI 生成虚假引用等错误内容的用户处以封禁一年的惩罚](https://www.solidot.org/story?sid=84308) - [ ] [每天睡 6-8 小时与较低的早逝及患病风险相关](https://www.solidot.org/story?sid=84307) - [ ] [Google 证实限制 Gmail 新用户的免费存储空间](https://www.solidot.org/story?sid=84306) - [ ] [三位一体核试验现场发现新晶体](https://www.solidot.org/story?sid=84305) - [ ] [Safari 和 Firefox 根据域名改变特定网站的渲染方式](https://www.solidot.org/story?sid=84304) - [ ] [USAID 资金削减与非洲暴力冲突加剧相关](https://www.solidot.org/story?sid=84303) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [日防卫相对美中AI技术差距缩小表达危机感](https://blog.upx8.com/%E6%97%A5%E9%98%B2%E5%8D%AB%E7%9B%B8%E5%AF%B9%E7%BE%8E%E4%B8%ADAI%E6%8A%80%E6%9C%AF%E5%B7%AE%E8%B7%9D%E7%BC%A9%E5%B0%8F%E8%A1%A8%E8%BE%BE%E5%8D%B1%E6%9C%BA%E6%84%9F) - [ ] [中国查处盗版漫画网站运营者 日方检举](https://blog.upx8.com/%E4%B8%AD%E5%9B%BD%E6%9F%A5%E5%A4%84%E7%9B%97%E7%89%88%E6%BC%AB%E7%94%BB%E7%BD%91%E7%AB%99%E8%BF%90%E8%90%A5%E8%80%85-%E6%97%A5%E6%96%B9%E6%A3%80%E4%B8%BE) - [ ] [云厂商 IP 滥用举报入口整理:如何向 AWS、GCP 等提交 Abuse Report](https://blog.upx8.com/IP-AWS-GCP-Abuse-Report) - [ ] [苹果安全防线向来难以攻破,Mythos却帮助找到了突破口](https://blog.upx8.com/%E8%8B%B9%E6%9E%9C%E5%AE%89%E5%85%A8%E9%98%B2%E7%BA%BF%E5%90%91%E6%9D%A5%E9%9A%BE%E4%BB%A5%E6%94%BB%E7%A0%B4-Mythos%E5%8D%B4%E5%B8%AE%E5%8A%A9%E6%89%BE%E5%88%B0%E4%BA%86%E7%AA%81%E7%A0%B4%E5%8F%A3) - [ ] [三星开发新封装技术 内存堆叠数量可翻1.5倍](https://blog.upx8.com/%E4%B8%89%E6%98%9F%E5%BC%80%E5%8F%91%E6%96%B0%E5%B0%81%E8%A3%85%E6%8A%80%E6%9C%AF-%E5%86%85%E5%AD%98%E5%A0%86%E5%8F%A0%E6%95%B0%E9%87%8F%E5%8F%AF%E7%BF%BB1-5%E5%80%8D) - [ ] [黄仁勋逛北京 喝完豆汁后问“这什么东西”](https://blog.upx8.com/%E9%BB%84%E4%BB%81%E5%8B%8B%E9%80%9B%E5%8C%97%E4%BA%AC-%E5%96%9D%E5%AE%8C%E8%B1%86%E6%B1%81%E5%90%8E%E9%97%AE-%E8%BF%99%E4%BB%80%E4%B9%88%E4%B8%9C%E8%A5%BF) - Exploit-DB.com RSS Feed - [ ] [[local] Windows Snipping Tool - NTLMv2 Hash Hijack](https://www.exploit-db.com/exploits/52567) - [ ] [[local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing](https://www.exploit-db.com/exploits/52566) - [ ] [[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution](https://www.exploit-db.com/exploits/52565) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/5/15)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960472&idx=1&sn=52bd5b4e6049817c0dfc9446df2a7c72) - 奇安信 CERT - [ ] [【已复现】Linux Kernel ptrace 本地权限提升漏洞(QVD-2026-26977)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505839&idx=1&sn=6b738b4bdf330f23c5c9e2c7369a138c) - 威努特安全网络 - [ ] [数字化转型背景下重构油气炼化行业工控安全防护体系](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141613&idx=1&sn=8e1f6f4937999de5a444f24ece1291c3) - 代码卫士 - [ ] [思科:注意已遭利用的满分 SD-WAN 新 0day](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526019&idx=1&sn=a356c936f290fca11bdc81d87da6081f) - [ ] [已存在18年的 Nginx 漏洞可导致 RCE 攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526019&idx=2&sn=ff7a5425883dc59896247c3cc01d5e4d) - [ ] [黑客团伙设赌注发动供应链攻击竞赛;node-ipc npm 包再受陷](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526019&idx=3&sn=6f238f373449bd7ade3043d253e72718) - 微步在线研究响应中心 - [ ] [npm热门依赖包遭投毒,维护者账号被接管](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508728&idx=1&sn=d1d6d71d0e04a1a7fe9bfa82a66979cd) - 安全内参 - [ ] [上市银行将大量客户隐私数据上传给了未授权AI](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515944&idx=1&sn=6ee923e2a2193863198924184292d01a) - [ ] [生成式人工智能大规模个人信息泄露的协同治理路径](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515944&idx=2&sn=bafd1ac39cfb071e6842b41b57ef9196) - 绿盟科技研究通讯 - [ ] [【公益译文】2026年国际AI安全报告(七)](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499898&idx=1&sn=ba7c2c7da58ce5e68471b1b543ec72c7) - 看雪学苑 - [ ] [苹果耗时5年、耗资10亿打造M5终极防线,竟被 3人+Mythos 在5天内击穿](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458615201&idx=1&sn=da9a2a7a270713481a130e70a2c58de9) - [ ] [2026腾讯游戏安全PC初赛:新手使用IDAPRO+AI结合参赛分析复盘](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458615201&idx=2&sn=f2c10c689bfe9244953152b299ff9e8a) - [ ] [本周更新职位:薪资最高70k,企业直招一键投递](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458615201&idx=3&sn=8e54f348219b624f501a5c13224b853a) - 奇安信威胁情报中心 - [ ] [每周高级威胁情报解读(2026.05.08~05.14)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247518815&idx=1&sn=bc9a60ac5943fb9a8e839c9be78483f8) - 长亭科技 - [ ] [中国移动成功举办2026年"赋能建功"网络安全技能总决赛|长亭科技全栈技术支撑](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390400&idx=1&sn=47996f2b271ba48d345de4057143b46b) - [ ] [又一个AI能力认可!长亭百智云大模型通过国家网信办备案](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390400&idx=2&sn=8e1b07a456f7617b8c65cf8308397453) - 奇安信病毒响应中心 - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498604&idx=1&sn=957b73a31ce005497bc6ab5cf6b1253e) - 信息安全国家工程研究中心 - [ ] [知名在线学习平台Canvas连遭黑客两次暴击,教育数字化“跑出加速度”,安全是否跟上了步伐?](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503875&idx=1&sn=8643cefb4c6c2322ddbf6b7de7718a6b) - 安全圈 - [ ] [【安全圈】新型远程控制木马被披露,黑客伪造苹果与雅虎 CDN 域名攻击](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076488&idx=1&sn=ffae0916c178fdfdfc63e5f205db23f8) - [ ] [【安全圈】Pwn2Own Berlin 2026 首日发放 52.3 万美元奖金,Win11 被攻破 3 次](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076488&idx=2&sn=eaafa6b163b575c994746c1d298f0439) - [ ] [【安全圈】OpenAI 确认在 TanStack 供应链攻击中出现安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076488&idx=3&sn=cffc7b6754f6e27eeac5cfa00da6a263) - 安全牛 - [ ] [四大动因驱动密码产业竞争格局演变——《密码安全产业发展关键动因与竞争格局演变(2026版)》 研究报告正式发布!](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141364&idx=1&sn=256c2a3f6ef3f551ccc60d5194eb866d) - [ ] [OpenAI 推出 Daybreak,对标 Anthropic Mythos 发力 AI 网络防御;CNNVD发布关于微软多个安全漏洞的通报| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141364&idx=2&sn=d335881f17dd59da610237880440da71) - 斗象智能安全 - [ ] [是时候让安全运营Agent“直连”数据底座了](https://mp.weixin.qq.com/s?__biz=MzIwMjcyNzA5Mw==&mid=2247495400&idx=1&sn=894119a00218b7a456f96fab123ee9b5) - M01N Team - [ ] [每周蓝军技术推送(2026.5.9-5.15)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247495043&idx=1&sn=5b774f1aa04148cb924358507628b5a4) - 极客公园 - [ ] [万字深聊:为何「太空算力」,启动了商业航天赛道的第二波浪潮](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653106641&idx=1&sn=cd115e92be165e3b9f6c5133b84ddec8) - [ ] [马斯克、库克、黄仁勋盛赞中美元首会晤;英伟达市值破 5.5 万亿美元,超德国 GDP;《GTA6》将于 11 月 19 日零点解锁|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653106603&idx=1&sn=8c3cf919e2befe91a532c442decef1f2) - 微步在线 - [ ] [玩AI 安全,竟然能拿这么多钱?](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186539&idx=1&sn=2fb3c67cd898aaf64891bee73369a9b8) - 阿里安全响应中心 - [ ] [抢先加入AI时代顶尖安全团队!阿里云2027届实习生招聘来了!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652998874&idx=1&sn=204cedf06aa543d6ee35062de8e9cd9f) - 数世咨询 - [ ] [Akamai 以 2.05 亿美元收购浏览器LayerX 及其背后的 AI 治理逻辑](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542870&idx=1&sn=49a9aa71315844cb047f2bdbf39b8c0f) - [ ] [AI赋能安全:信心爆棚,落地极差](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542870&idx=2&sn=b4834ae27ff638abb499a8b4406f14b6) - 复旦白泽战队 - [ ] [成果分享 | [ISSTA 2026]HScope:构建鸿蒙生态安全的“火眼金睛”](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247498547&idx=1&sn=726e90df1504f1bbc9db8895c9f0d4d6) - 云鼎实验室 - [ ] [【漏洞预警】Linux Kernel 越权任意文件读取漏洞,PoC 已公开](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497563&idx=1&sn=7d07cd3ae00c707873cecb78adc26675) - 火绒安全 - [ ] [火绒小问答——「企业版」IP协议控制如何使用](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532723&idx=1&sn=2450137b2679f119eba8c11bf172243b) - [ ] [【火绒安全周报】富士康美国工厂遭网络攻击/斯柯达数据泄露](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532723&idx=2&sn=cd4ba5b9a8d536d91b6b9ace2f91bc9c) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532723&idx=3&sn=ec71d6e513427383246345b1623b84ab) - 慢雾科技 - [ ] [威胁情报|node-ipc 遭供应链入侵投毒攻击分析](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247505005&idx=1&sn=d99d7f743d73c3f53f24b1cd2d71ddbf) - [ ] [威胁情报|Mistral AI 官方 SDK 供应链投毒分析](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247505005&idx=2&sn=b921a0eaa914c68c5b819df6b2af116d) - 百度安全应急响应中心 - [ ] [【活动】奖励翻倍!2026 BSRC白帽赏金挑战赛上线!](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652544074&idx=1&sn=523f69688025b2ae73c8b4f6526fa4f1) - 表图 - [ ] [中国 SaaS 没等来“人”,可能先等来了 Agent](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247485019&idx=1&sn=7a49fbd1d2fa71e7d600d37938f5cc38) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Palo Alto Networks PAN-OS身份绕过认证漏洞(CVE-2026-0265)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525652&idx=1&sn=1b0f5add038e08a736263f502e4cd35b) - [ ] [【漏洞通告】Nginx ngx_http_rewrite_module 缓冲区溢出漏洞(CVE-2026-42945)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525652&idx=2&sn=cf15a9fe232a95f5f9af354e449ed6f6) - [ ] [【漏洞通告】Linux Kernel Fragnesia 权限提升漏洞(CVE-2026-46300)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525652&idx=3&sn=71147ace39e5cb83bb48d2dc74302c28) - 迪哥讲事 - [ ] [缓存投毒导致的 XSS 接管账号](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499445&idx=1&sn=ab3e978cb7b499afac2b1c57e87b2c9f) - T00ls安全 - [ ] [提权实录:通过命名管道劫持可写服务](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247485789&idx=1&sn=0a2464f32a36fa7e6e17de6cd8c99eb4) - 安全行者老霍 - [ ] [为什么 Grok 会在我们询问其系统提示词时生成炸弹制造方法?](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486689&idx=1&sn=6ff8be540103a69a3d52a3245ade0479) - ICT Security Magazine - [ ] [Privilege escalation su Linux: anatomia delle tecniche più sfruttate nei penetration test del 2026](https://www.ictsecuritymagazine.com/articoli/privilege-escalation/) - [ ] [«Breaking TCAS»: vulnerabilità e attacchi nella sicurezza aerea](https://www.ictsecuritymagazine.com/articoli/breaking-tcas-sicurezza-aerea/) - [ ] [OSINT Offensivo: l’arma invisibile che precede ogni attacco](https://www.ictsecuritymagazine.com/articoli/osint-offensivo/) - 网安国际 - [ ] [报名即将截止|“CCF-INFORSEC网络空间安全前沿创新论坛”23日在京召开](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652318226&idx=1&sn=1c2d447c1775143e1547da9524cc08f0) - 白泽安全实验室 - [ ] [疑似伊朗黑客组织Seedworm成功入侵韩国电子制造商,并展开全球攻击活动](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492934&idx=1&sn=430fa6d1e9ca4fc1cb34e7041b457418) - Schneier on Security - [ ] [Bypassing On-Camera Age-Verification Checks](https://www.schneier.com/blog/archives/2026/05/bypassing-on-camera-age-verification-checks.html) - 0x727开源安全团队 - [ ] [PaloAlto Networks战略方向分析](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484306&idx=1&sn=2f1d53b8e27bb5291487a1e735c72211) - IT Service Management News - [ ] [Claude Mythos e l'identificazione di vulnerabilità](http://blog.cesaregallotti.it/2026/05/claude-mythos-e-lidentificazione-di.html) - SANS Internet Storm Center, InfoCON: green - [ ] [[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)](https://isc.sans.edu/diary/rss/32986) - [ ] [ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)](https://isc.sans.edu/diary/rss/32992) - Yak Project - [ ] [Web Fuzzer 强化:AI自动修改数据包与智能测漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529794&idx=1&sn=c3679fba273e0aec1c10f18624c02e12) - 悬镜安全 - [ ] [AI原生安全治理 | 灵脉AI全面进化,代码护栏赋能AI Coding 安全!](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647799501&idx=1&sn=9ab1d10680d92acd5b00e6eeeb83bae1) - Javvad Malik - [ ] [Breach of Confidence 15 May 2026](https://javvadmalik.com/2026/05/15/breach-of-confidence-15-may-2026/) - Tor Project blog - [ ] [Keeping the doors open](https://blog.torproject.org/keeping-the-doors-open-unredacted/) - Security Affairs - [ ] [Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K](https://securityaffairs.com/192209/security/pwn2own-berlin-2026-day-two-385750-more-microsoft-exchange-falls-and-the-running-total-crosses-900k.html) - [ ] [CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day](https://securityaffairs.com/192204/security/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day.html) - [ ] [Ghostwriter group resumes attacks on Ukrainian Government targets](https://securityaffairs.com/192196/apt/ghostwriter-group-resumes-attacks-on-ukrainian-government-targets.html) - [ ] [Researchers uncover YellowKey and GreenPlasma Windows Zero-Days](https://securityaffairs.com/192173/hacking/researchers-uncover-yellowkey-and-greenplasma-windows-zero-days.html) - [ ] [Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall](https://securityaffairs.com/192183/hacking/pwn2own-berlin-2026-day-one-523000-paid-out-ai-products-fall.html) - www.theregister.com - Articles - [ ] [OpenAI caught in TanStack npm supply chain chaos after employee devices compromised](https://www.theregister.com/security/2026/05/15/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised/5241019) - [ ] [MPs want social media treated more like unsafe toys than harmless apps](https://www.theregister.com/security/2026/05/15/mps-want-social-media-treated-more-like-unsafe-toys-than-harmless-apps/5240578) - The Hacker News - [ ] [Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access](https://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html) - [ ] [Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence](https://thehackernews.com/2026/05/four-openclaw-flaws-enable-data-theft.html) - [ ] [What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface](https://thehackernews.com/2026/05/what-45-days-of-watching-your-own-tools.html) - [ ] [TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates](https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html) - [ ] [On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email](https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html) - [ ] [CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits](https://thehackernews.com/2026/05/cisa-adds-cisco-sd-wan-cve-2026-20182.html) - LockBoxx - [ ] [Book Review: "Cybersecurity First Principles"](http://blog.lockboxx.org/2026/05/book-review-cybersecurity-first.html) - TorrentFreak - [ ] [Universal Wins Indian Court Order Against IMDb-Themed Pirate Streaming Sites](https://torrentfreak.com/universal-wins-delhi-court-order-against-imdb-themed-pirate-streaming-site/) - Security Weekly Podcast Network (Audio) - [ ] [Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581](http://sites.libsyn.com/18678/cisco-canvas-microsoft-exchange-0-days-npm-backdoors-gpt-55-and-more-swn-581) - 网安寻路人 - [ ] [登机了的黄仁勋,与尚未抵岸的H200(DPO社群成员观点)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508527&idx=1&sn=9f460d413ca6abc6b8830701f2ec1cac)
每日安全资讯(2026-05-16)